Hi,
these links should help:
http://msdn.microsoft.com/library/de...vacypolicy.asp http://support.microsoft.com/?kbid=324013
The easiest thing to do is to just add compact policies to HTTP headers,
thru IIS. This can be done very quickly, esp. if you just use some sample
policies which is kind of cheating, but this might not be the "right" thing
to do, depending on the likelihood of your site getting sued by a user who
somehow discovers that your compact policy doesnt actually reflect your
company's privacy policy, and gets upset enough to call a lawyer.
Actually i think the chances of that happening for most sites are almost
zero, and ive never heard of any cases where P3P is anything more than an
annoying "feature" that trips up a lot of people. So i would guess the
majority of web programmers just take the easy way out and add this dummy
header which -should- be enough to fool IE into thinking that a compact
policy exists:
CP="TST". If you use that dummy header make sure to test it with latest
version of IE6, with "medium" setting.
On the other end of the scale you could get your company's legal dept
involved in crafting the privacy policy for your site, and work with them to
translate it according to the P3P spec. But that could take a while. :^P
HTH,
Premier JiangZemin
"MartinH" <ni**@nospam.invalid> wrote in message
news:f7********************************@4ax.com...
Hi,
Thanks for your answer. You spotted the problem. Indeed, its all
working when i working when i adjust the privacy settings in my
browser from medium to accept all cookies.
Can you deliver any insight on setting the priviacy policy on the
website to have the browser accept the cookies? Or steer me in the
right direction?
Tia, Martinh
On Thu, 24 Mar 2005 20:21:55 -0500, "JiangZemin"
<fo*********@example.com> wrote:
Hi,
I would guess (not knowing how you are setup) this has something to do
with
how your intranet and internet sites have different domains and this is
affecting how IE is dealing with cookie security.
You may need to implement P3P privacy policy on the servers in order for
cookies to work (its easy). This is not really a .NET problem but more of
a
"dang, why did they put that feature in IE6" problem. Please refer to
this
short article:
http://www.microsoft.com/windowsxp/u...nmore/ie6.mspx
For example, your intranet site might be acting as a third-party site to
your first-party internet site, and by default IE6 blocks third-party
cookies. You can try testing this by setting IE6 cookie security to
"accept
all cookies" and see what happens.
Another alternative to the P3P thing is if you have control over all users
browsers, you could change their Privacy settings in their browsers, to
override the IE6 defaults.
HTH,
Premier JiangZemin
"Martin Heuckeroth" <ni**@nospam.invalid> wrote in message
news:3i********************************@4ax.com. .. Hi
We are working on a webservice application and are having some
problems with the cookies and/or sessions.
We have them working on our intranet but then its not working on the
internet. We have been looking our asses off but can not find a
working solution.
the code we came up with is ...
Public Sub SetCookies(ByVal cUserAlias, ByVal nUserID)
Response.Cookies("userInfo")("userAlis") = cUserAlias
Response.Cookies("userInfo")("userID") = nUserID
Response.Cookies("userInfo").Expires = DateTime.Now.AddDays(1)
End Sub
If Not Request.Cookies("userInfo") Is Nothing Then
cUserAlias =
Server.HtmlEncode(Request.Cookies("UserInfo")("use rAlias"))
nUserId =
Server.HtmlEncode(Request.Cookies("UserInfo")("use rID"))
End If
What are we doin wrong. Why is there no cookie created when we logon
to our project over the internet and IS there a cookie created when we
logon over our intranet. Any help is appreciated
Martin